IP获取测试代码添加,,,.

发送验证码请求体添加device_token（设备id）

IP获取测试代码添加,,,.
发送验证码请求体添加device_token（设备id）
6972ad6d · Chongwen.jiang · 1562927c · 6972ad6d · 6972ad6d · 6972ad6d
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -164,6 +164,18 @@
            <version>1.0.1</version>
        </dependency>
+        <!-- apple identifyToken校验 -->
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt</artifactId>
+            <version>0.9.1</version>
+        </dependency>
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>jwks-rsa</artifactId>
+            <version>0.9.0</version>
+        </dependency>
    </dependencies>

--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java
@@ -14,10 +14,7 @@ import com.pica.cloud.account.account.server.resp.UnifiedVerificationResp;
 import com.pica.cloud.account.account.server.service.AccountService;
 import com.pica.cloud.account.account.server.service.AccountUnionService;
 import com.pica.cloud.account.account.server.service.CaptchaService;
-import com.pica.cloud.account.account.server.util.AESUtil;
+import com.pica.cloud.account.account.server.util.*;
-import com.pica.cloud.account.account.server.util.AccountUtils;
-import com.pica.cloud.account.account.server.util.CryptoUtil;
-import com.pica.cloud.account.account.server.util.RegisterCodeKeyUtils;
 import com.pica.cloud.foundation.entity.PicaException;
 import com.pica.cloud.foundation.entity.PicaResponse;
 import com.pica.cloud.foundation.entity.PicaResultCode;
@@ -29,10 +26,12 @@ import com.pica.cloud.riskcontrol.riskcontrol.common.req.CheckcodeRiskReq;
 import com.pica.cloud.riskcontrol.riskcontrol.common.resp.CheckcodeRiskResp;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.apache.catalina.servlet4preview.http.HttpServletRequest;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
@@ -64,23 +63,33 @@ public class AutoCodeController extends AccountBaseController {
    @Autowired
    private CheckCodeClient rcClient;
+    @GetMapping("/ip")
+    public PicaResponse getIp(HttpServletRequest request){
+        return PicaResponse.toResponse(IPUtil.getIpAdrress(request));
+    }
    @ApiOperation("获取短信验证码,无需图形验证码,如app端")
    @PostMapping(value = "/authCode")
-    public PicaResponse getAuthCode(@RequestBody EncryptEntity entity) throws Exception {
+    public PicaResponse getAuthCode(@RequestBody EncryptEntity entity, HttpServletRequest req) throws Exception {
        //  验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机
        //  4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
        AccountUtils.checkMobilePhone(request.getMobile());
-        if(request.getBizType() != null && request.getBizType().equals(1)){
+        if (request.getBizType() != null && request.getBizType().equals(1)) {
-            //  TODO 调用风控接口
+            //  调用风控接口
-            UnifiedVerificationResp rcResp = rcValidate(request.getMobile(), request.getFlag());
+            UnifiedVerificationResp rcResp = this.rcValidate(
-            if(rcResp == null){
+                    request.getMobile(),
+                    request.getFlag(),
+                    IPUtil.getIpAdrress(req),
+                    super.getDeviceInfo(),
+                    request.getDevice_token());
+            if (rcResp == null) {
                //  风控接口调用异常也继续后面的逻辑
                processSysCode(request.getMobile(), request.getFlag());
                return PicaResponse.toResponse();
            } else {
-                if(null == rcResp.getBizCode()){
+                if (null == rcResp.getBizCode()) {
                    //  风控校验后允许发送短信验证码
                    processSysCode(request.getMobile(), request.getFlag());
                    return PicaResponse.toResponse();
@@ -220,27 +229,42 @@ public class AutoCodeController extends AccountBaseController {
     * @Params [mobile]
     * @Return com.pica.cloud.account.account.server.resp.UnifiedVerificationResp
     */
-    private UnifiedVerificationResp rcValidate(String mobile, Integer flag) {
+    private UnifiedVerificationResp rcValidate(String mobile,
+                                               Integer flag,
+                                               String publicIp,
+                                               String deviceInfoStr,
+                                               String deviceToken) {
        //  调用风控接口
        try {
+            logger.info("rcValidate-publicIp:{}, deviceToken:{}, deviceInfoStr:{}",
+                    publicIp, deviceToken, deviceInfoStr);
            CheckcodeRiskReq rcReq = new CheckcodeRiskReq();
            rcReq.setMobile(mobile);
-            /*rcReq.setDeviceId();
+            rcReq.setIp(publicIp);
-            rcReq.setIp();
+            PICAPDeviceInfo deviceInfo = JSON.parseObject(deviceInfoStr, PICAPDeviceInfo.class);
-            rcReq.setDeviceIp();*/
+            rcReq.setDeviceIp(deviceInfo.getDevice_ip());
+            rcReq.setDeviceId(deviceToken);
-            logger.info("rc-req:{}", JSON.toJSONString(rcReq));
+            logger.info("rc-checkcodeRisk-req:{}", JSON.toJSONString(rcReq));
            PicaResponse picaResponse = rcClient.checkcodeRisk(rcReq);
-            logger.info("rc-resp:{}", JSON.toJSONString(picaResponse));
+            logger.info("rc-checkcodeRisk-resp:{}", JSON.toJSONString(picaResponse));
            if (picaResponse != null &&
                    PicaResultCode.SUCCESS.code().equals(picaResponse.getCode())) {
                Object data = picaResponse.getData();
-                if (Objects.nonNull(data)) {
+                if (Objects.isNull(data)) {
-                    JSONObject respData = JSON.parseObject(
+                    return null;
-                            JSON.toJSONString(data), JSONObject.class);
+                }
-                    if (StringUtils.isNotEmpty(respData.getString("processCode"))) {
+                CheckcodeRiskResp respData = JSON.parseObject(
-                        Integer processCode = Integer.valueOf(respData.getString("processCode"));
+                        JSON.toJSONString(data), CheckcodeRiskResp.class);
-                        if (null != processCode) {
+                if(StringUtils.isEmpty(respData.getProcessCode())){
+                    //  请求返回异常
+                    return null;
+                }
+                Integer processCode = Integer.valueOf(respData.getProcessCode());
+                if(null == processCode){
+                    //  请求返回的processCode异常
+                    return null;
+                }
+                //  请求返回正常
                if (processCode.equals(BizTypeRespEnum.RC_SEND_FAIL.getCode())) {
                    UnifiedVerificationResp resp = new UnifiedVerificationResp();
                    resp.setBizCode(BizTypeRespEnum.RC_SEND_FAIL.getCode());
@@ -272,15 +296,12 @@ public class AutoCodeController extends AccountBaseController {
                                .replace("{remainTime}", String.valueOf(remainTime)));
                    }
                    return resp;
-                            }
+                } else {
-                        }
-                    }
-                }
                    //  processCode=1(允许发送短信验证码)
                    return new UnifiedVerificationResp();
-            } else {
-                return null;
                }
+            }
+            return null;
        } catch (Exception e) {
            logger.error("风控接口调用异常", e);
            return null;

--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java
@@ -216,12 +216,11 @@ public class LoginController extends AccountBaseController {
    @ApiOperation(value = "苹果授权登录")
    @GetMapping("/login/apple")
-    public PicaResponse appleAuth(HttpServletRequest req) throws Exception{
+    public PicaResponse appleAuth(@RequestBody EncryptEntity entity) throws Exception{
-        //@RequestBody EncryptEntity entity
+        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
-        BaseRequest request = new BaseRequest();//CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setProductType(super.getProductType());
-        //request.setProductType(super.getProductType());
+        request.setSourceType(super.getSourceType());
-        //request.setSourceType(super.getSourceType());
+        return PicaResponse.toResponse(loginService.loginByApple(request));
-        return PicaResponse.toResponse(loginService.loginByApple(req, request));
    }
    @ApiOperation(value = "苹果登录绑定手机号")

--- a/server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java
@@ -36,6 +36,8 @@ public class BaseRequest {
    private String captchaAnswer;
    @ApiModelProperty("业务类型，1-新老业务区分标识，2-手机号格式校验业务，3-密码登录校验业务")
    private Integer bizType;
+    @ApiModelProperty("设备id")
+    private String device_token;
    @ApiModelProperty("苹果身份token")
    private String identifyToken;
    @ApiModelProperty("苹果用户id")
@@ -196,4 +198,12 @@ public class BaseRequest {
    public void setInfo(String info) {
        this.info = info;
    }
+    public String getDevice_token() {
+        return device_token;
+    }
+    public void setDevice_token(String device_token) {
+        this.device_token = device_token;
+    }
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java
@@ -76,7 +76,7 @@ public interface LoginService {
     * @Params [baseRequest]
     * @Return com.pica.cloud.account.account.server.entity.LoginResult
     */
-    LoginResult loginByApple(HttpServletRequest req, BaseRequest baseRequest);
+    LoginResult loginByApple(BaseRequest baseRequest);
    /**
     * @Description 苹果登录绑定手机号

--- a/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
--- a/server/src/main/java/com/pica/cloud/account/account/server/util/IPUtil.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/util/IPUtil.java
+package com.pica.cloud.account.account.server.util;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Enumeration;
+public class IPUtil {
+    /**
+     * @Description 获取请求的外网ip
+     * @Author Chongwen.jiang
+     * @Date 2020/2/25 9:34
+     * @ModifyDate 2020/2/25 9:34
+     * @Params [request]
+     * @Return java.lang.String
+     */
+    public static String getIpAdrress(HttpServletRequest request) {
+        String ip = null;
+        //X-Forwarded-For：Squid 服务代理
+        String ipAddresses = request.getHeader("X-Forwarded-For");
+        Enumeration<String> headerNames = request.getHeaderNames();
+        while (headerNames.hasMoreElements()) {
+            //打印所有头信息
+            String s = headerNames.nextElement();
+            String header = request.getHeader(s);
+//            System.out.println(s+"::::"+header);
+        }
+//        System.out.println("headerNames:"+ JSON.toJSONString(headerNames));
+//        System.out.println("RemoteHost:"+request.getRemoteHost());
+//        System.out.println("RemoteAddr:"+request.getRemoteAddr());
+        String unknown = "unknown";
+        if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
+            //Proxy-Client-IP：apache 服务代理
+            ipAddresses = request.getHeader("Proxy-Client-IP");
+        }
+        if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
+            //WL-Proxy-Client-IP：weblogic 服务代理
+            ipAddresses = request.getHeader("WL-Proxy-Client-IP");
+        }
+        if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
+            //HTTP_CLIENT_IP：有些代理服务器
+            ipAddresses = request.getHeader("HTTP_CLIENT_IP");
+        }
+        if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
+            //X-Real-IP：nginx服务代理
+            ipAddresses = request.getHeader("X-Real-IP");
+        }
+        //有些网络通过多层代理，那么获取到的ip就会有多个，一般都是通过逗号（,）分割开来，并且第一个ip为客户端的真实IP
+        if (ipAddresses != null && ipAddresses.length() != 0) {
+            ip = ipAddresses.split(",")[0];
+        }
+        //还是不能获取到，最后再通过request.getRemoteAddr();获取
+        if (ip == null || ip.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {
+            ip = request.getRemoteAddr();
+        }
+        if("0:0:0:0:0:0:0:1".equalsIgnoreCase(ip)){
+            ip = "127.0.0.1";
+        }
+        return ip;
+    }
+}